North Country Business Products hack affects several other companies

According to a recent security alert released by North Country Business Products, a major hack has occurred within the company’s network. The Minnesota-based point-of-sale (POS) service provider is in the employ of numerous major companies. In total the hack, which allowed a data-stealing malware to infiltrate the company’s POS systems, has affected more than 130 locations of businesses like Dunn Brothers Coffee and hotel chains like Holiday Inn.

As a result of this, numerous customers have had their data potentially exposed to the attackers and, most likely, cybercriminals on the Dark Web. It is quite common for data breaches to result in victim data being spread around for identity hijackers to exploit.

Still, the question remains how this occurred in the first place? The incident report from North Country Business Products shed light on this. The most important quoted information can be found below:

On January 4, 2019, North Country learned of suspicious activity occurring within certain client networks. North Country immediately launched an investigation, working with third-party forensic investigators to determine the nature and scope of the event. On January 30, 2019, the investigation determined that an unauthorized party was able to deploy malware to certain of North Country’s business partners restaurants between January 3, 2019, and January 24, 2019, that collected credit and debit card information. Specific information potentially accessed includes the cardholder’s name, credit card number, expiration date, and CVV.

North Country is notifying potentially affected customers of its business partners by this posting, and by notifying the media about this event. Potentially affected consumers can review the information below for steps on how they can protect themselves from fraud or identity theft... North Country established a dedicated assistance line for individuals seeking additional information regarding this incident. Consumers can call 1-877-204-9537, Monday through Friday (excluding U.S. holidays), 9:00 a.m. to 9:00 p.m. EST.

It is not uncommon to see hackers go after POS services, but it has been some time since an attack of this magnitude has occurred. With talk of ransomware and cryptojacking, security experts must still remain focused on other forms of attack. As this incident with North Country Business Products shows, there is no such thing as an abandoned strategy in the hackers’ toolbox.

Featured image: Wikimedia

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Hardware RAID vs. software RAID: Pros and cons for each

RAID is a technique to virtualize independent disks into arrays for improved performance. Should you…

3 days ago

After the plague: What IT will look like in a post-COVID-19 world

COVID-19 has changed everything, but once it disappears, we will not go back to how…

3 days ago

Solved: Outlook defaults to Microsoft 365 version with Exchange server

An Exchange server with a hybrid connection to Microsoft 365 is usually pretty seamless —…

4 days ago

How chatbots are changing the way teams communicate internally

Chatots are primarily thought of as consumer-facing solutions. They bring life to customer interactions by…

4 days ago

Hakbit ransomware campaign targeting specific European countries

The newly uncovered Hakbit ransomware campaign spread via spear-phishing emails may indicate a shift in…

4 days ago

Credential stuffing: Everything you need to know to avoid being a victim

Credential stuffing is yet another weapon being used by cybercriminals. Here’s what credential stuffing is…

5 days ago